riot-ci/RIOT
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

sys/crypto: Enable support for AES-192, AES-256

Browse Source
This commit is contained in:
Ollrogge 2021-04-14 22:18:59 +02:00
parent 8a7f3ab6fa
commit 427d2bd06e
24 changed files with 576 additions and 127 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
makefiles/pseudomodules.inc.mk
View File

@ -306,6 +306,9 @@ PSEUDOMODULES += skald_eddystone
# define optimized read function of DS18 driver as a pseudo module
PSEUDOMODULES += ds18_optimized
PSEUDOMODULES += crypto_aes_128
PSEUDOMODULES += crypto_aes_192
PSEUDOMODULES += crypto_aes_256
# By using this pseudomodule, T tables will be precalculated.
PSEUDOMODULES += crypto_aes_precalculated
# This pseudomodule causes a loop in AES to be unrolled (more flash, less CPU)

6
pkg/openwsn/contrib/cryptoengine.c
View File

@ -38,7 +38,7 @@ owerror_t cryptoengine_aes_ccms_enc(uint8_t *a, uint8_t len_a, uint8_t *m,
int ret, len;
uint8_t tmp_buff[MAX_MESSAGE_LEN + CCM_MAC_MAX_LEN];
ret = cipher_init(&cipher, CIPHER_AES_128, key, CCM_BLOCK_SIZE);
ret = cipher_init(&cipher, CIPHER_AES, key, CCM_BLOCK_SIZE);
if (ret != 1) {
return E_FAIL;
@ -64,7 +64,7 @@ owerror_t cryptoengine_aes_ccms_dec(uint8_t *a, uint8_t len_a, uint8_t *m,
int ret, len;
uint8_t tmp_buff[MAX_MESSAGE_LEN];
ret = cipher_init(&cipher, CIPHER_AES_128, key, CCM_BLOCK_SIZE);
ret = cipher_init(&cipher, CIPHER_AES, key, CCM_BLOCK_SIZE);
if (ret != 1) {
return E_FAIL;
@ -88,7 +88,7 @@ owerror_t cryptoengine_aes_ecb_enc(uint8_t *buffer, uint8_t *key)
cipher_t cipher;
int ret, len;
ret = cipher_init(&cipher, CIPHER_AES_128, key, CCM_BLOCK_SIZE);
ret = cipher_init(&cipher, CIPHER_AES, key, CCM_BLOCK_SIZE);
if (ret != 1) {
return E_FAIL;

2
pkg/semtech-loramac/Makefile.dep
View File

@ -1,6 +1,6 @@
USEMODULE += random
USEMODULE += hashes
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
USEMODULE += semtech_loramac_contrib
USEMODULE += semtech_loramac_mac

16
sys/Makefile.dep
View File

@ -42,17 +42,21 @@ ifneq (,$(filter i2c_scan,$(USEMODULE)))
endif
ifneq (,$(filter prng_fortuna,$(USEMODULE)))
USEMODULE += crypto_aes
endif
ifneq (,$(filter crypto_aes_%,$(USEMODULE)))
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
endif
ifneq (,$(filter crypto_%,$(USEMODULE)))
USEMODULE += crypto
endif
ifneq (,$(filter cipher_modes,$(USEMODULE)))
USEMODULE += crypto
endif
ifneq (,$(filter crypto,$(USEMODULE)))
DEFAULT_MODULE += crypto_aes_128
endif
ifneq (,$(filter sys_bus_%,$(USEMODULE)))
USEMODULE += sys_bus
USEMODULE += core_msg_bus
@ -60,7 +64,7 @@ endif
ifneq (,$(filter ieee802154_security,$(USEMODULE)))
USEMODULE += crypto
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
USEMODULE += cipher_modes
endif

14
sys/crypto/Kconfig
View File

@ -19,7 +19,7 @@ choice
The common Crypto block ciphers API has multiple implementations. Choose
one of the following.
config MODULE_CRYPTO_AES
config CRYPTO_AES
bool "AES"
select MODULE_CRYPTO
@ -30,7 +30,17 @@ config MODULE_CRYPTO_3DES
endchoice
menu "Crypto AES options"
depends on MODULE_CRYPTO_AES
depends on CRYPTO_AES
config MODULE_CRYPTO_AES_128
bool "AES-128"
default y
config MODULE_CRYPTO_AES_192
bool "AES-192"
config MODULE_CRYPTO_AES_256
bool "AES-256"
config MODULE_CRYPTO_AES_PRECALCULATED
bool "Pre-calculate T tables"

45
sys/crypto/aes.c
View File

@ -39,6 +39,28 @@
#include <stdint.h>
#include "crypto/aes.h"
#include "crypto/ciphers.h"
#include "kernel_defines.h"
#if !IS_USED(MODULE_CRYPTO_AES_128) && !IS_USED(MODULE_CRYPTO_AES_192) && \
!IS_USED(MODULE_CRYPTO_AES_256)
#error "sys/crypto/aes: No aes module used."
#endif
/**
* @brief AES key size used
*/
#if IS_USED(MODULE_CRYPTO_AES_128) && !IS_USED(MODULE_CRYPTO_AES_192) && \
!IS_USED(MODULE_CRYPTO_AES_256)
# define AES_KEY_SIZE(ctx) AES_KEY_SIZE_128
#elif !IS_USED(MODULE_CRYPTO_AES_128) && IS_USED(MODULE_CRYPTO_AES_192) && \
!IS_USED(MODULE_CRYPTO_AES_256)
# define AES_KEY_SIZE(ctx) AES_KEY_SIZE_192
#elif !IS_USED(MODULE_CRYPTO_AES_128) && !IS_USED(MODULE_CRYPTO_AES_192) && \
IS_USED(MODULE_CRYPTO_AES_256)
# define AES_KEY_SIZE(ctx) AES_KEY_SIZE_256
#else
# define AES_KEY_SIZE(ctx) ctx->key_size
#endif
/**
* Interface to the aes cipher
@ -49,7 +71,9 @@ static const cipher_interface_t aes_interface = {
aes_encrypt,
aes_decrypt
};
const cipher_id_t CIPHER_AES_128 = &aes_interface;
const cipher_id_t CIPHER_AES = &aes_interface;
static const u32 Te0[256] = {
0xc66363a5U, 0xf87c7c84U, 0xee777799U, 0xf67b7b8dU,
@ -794,19 +818,26 @@ static const u32 rcon[] = {
0x1B000000, 0x36000000,
};
int aes_init(cipher_context_t *context, const uint8_t *key, uint8_t keySize)
{
uint8_t i;
/* This implementation only supports a single key size (defined in AES_KEY_SIZE) */
if (keySize != AES_KEY_SIZE) {
if (keySize != AES_KEY_SIZE_128 && keySize != AES_KEY_SIZE_192 &&
keySize != AES_KEY_SIZE_256) {
return CIPHER_ERR_INVALID_KEY_SIZE;
}
if ((keySize == AES_KEY_SIZE_128 && !IS_USED(MODULE_CRYPTO_AES_128)) ||
(keySize == AES_KEY_SIZE_192 && !IS_USED(MODULE_CRYPTO_AES_192)) ||
(keySize == AES_KEY_SIZE_256 && !IS_USED(MODULE_CRYPTO_AES_256))) {
return CIPHER_ERR_INVALID_KEY_SIZE;
}
context->key_size = keySize;
/* Make sure that context is large enough. If this is not the case,
you should build with -DAES */
if (CIPHER_MAX_CONTEXT_SIZE < AES_KEY_SIZE) {
if (CIPHER_MAX_CONTEXT_SIZE < keySize) {
return CIPHER_ERR_BAD_CONTEXT_SIZE;
}
@ -1036,13 +1067,14 @@ int aes_encrypt(const cipher_context_t *context, const uint8_t *plainBlock,
const AES_KEY *key = &aeskey;
res = aes_set_encrypt_key((unsigned char *)context->context,
AES_KEY_SIZE * 8, &aeskey);
AES_KEY_SIZE(context) * 8, &aeskey);
if (res < 0) {
return res;
}
const u32 *rk;
u32 s0, s1, s2, s3, t0, t1, t2, t3;
#ifndef MODULE_CRYPTO_AES_UNROLL
int r;
#endif /* ?MODULE_CRYPTO_AES_UNROLL */
@ -1304,7 +1336,7 @@ int aes_decrypt(const cipher_context_t *context, const uint8_t *cipherBlock,
const AES_KEY *key = &aeskey;
res = aes_set_decrypt_key((unsigned char *)context->context,
AES_KEY_SIZE * 8, &aeskey);
AES_KEY_SIZE(context) * 8, &aeskey);
if (res < 0) {
return res;
@ -1312,6 +1344,7 @@ int aes_decrypt(const cipher_context_t *context, const uint8_t *cipherBlock,
const u32 *rk;
u32 s0, s1, s2, s3, t0, t1, t2, t3;
#ifndef MODULE_CRYPTO_AES_UNROLL
int r;
#endif /* ?MODULE_CRYPTO_AES_UNROLL */

9
sys/crypto/doc.txt
View File

@ -16,12 +16,11 @@
* @section ciphers Ciphers
*
* RIOT supports the following block ciphers:
* * AES-128
* * 3DES (deprecated)
* * AES-128, AES-192, AES-256
* * NULL
*
* You can use them directly by adding `crypto_aes` or `crypto_3des` to your
* USEMODULE-List.
* You can use them directly by adding `crypto_aes_128`, `crypto_aes_192` or
* `crypto_aes_256` to your USEMODULE-List.
* While you can use the ciphers functions directly, you should resort to
* the generic API for block ciphers whenever possible.
*
@ -37,7 +36,7 @@
* plain_text[AES_BLOCK_SIZE] = {0},
* cipher_text[AES_BLOCK_SIZE] = {0};
*
* if (cipher_init(&cipher, CIPHER_AES_128, key, AES_KEY_SIZE) < 0)
* if (cipher_init(&cipher, CIPHER_AES, key, AES_KEY_SIZE) < 0)
* printf("Cipher init failed!\n");
*
* if (cipher_encrypt(&cipher, plain_text, cipher_text) < 0)

2
sys/hashes/cmac.c
View File

@ -49,7 +49,7 @@ int cmac_init(cmac_context_t *ctx, const uint8_t *key, uint8_t key_size)
}
memset(ctx, 0, sizeof(cmac_context_t));
return cipher_init(&(ctx->aes_ctx), CIPHER_AES_128, key, key_size);
return cipher_init(&(ctx->aes_ctx), CIPHER_AES, key, key_size);
}
void cmac_update(cmac_context_t *ctx, const void *data, size_t len)

24
sys/include/crypto/aes.h
View File

@ -13,6 +13,14 @@
* @file
* @brief Headers for the implementation of the AES cipher-algorithm
*
* The default key size is 128 bits. To use a different key size add
* USEMODULE += crypto_aes_192 and/or USEMODULE += crypto_aes_256 to
* your Makefile.
*
* If only one key size is needed and that key size is not 128 bits, the 128 bit
* key size can be disabled with DISABLE_MODULE += crypto_aes_128 as an
* optimization.
*
* @author Freie Universitaet Berlin, Computer Systems & Telematics
* @author Nicolai Schmittberger <nicolai.schmittberger@fu-berlin.de>
* @author Fabrice Bellard
@ -46,20 +54,26 @@ typedef uint8_t u8;
#define AES_MAXNR 14
#define AES_BLOCK_SIZE 16
#define AES_KEY_SIZE 16
/**
* @name AES key sizes
* @{
*/
#define AES_KEY_SIZE_128 16
#define AES_KEY_SIZE_192 24
#define AES_KEY_SIZE_256 32
/** @} */
/**
* @brief AES key
* @see cipher_context_t
*/
struct aes_key_st {
typedef struct aes_key_st {
/** @cond INTERNAL */
uint32_t rd_key[4 * (AES_MAXNR + 1)];
int rounds;
/** @endcond */
};
typedef struct aes_key_st AES_KEY;
} AES_KEY;
/**
* @brief the cipher_context_t-struct adapted for AES

33
sys/include/crypto/ciphers.h
View File

@ -23,6 +23,7 @@
#define CRYPTO_CIPHERS_H
#include <stdint.h>
#include "kernel_defines.h"
#ifdef __cplusplus
extern "C" {
@ -30,8 +31,19 @@ extern "C" {
/* Shared header file for all cipher algorithms */
/** @brief the length of keys in bytes */
#define CIPHERS_MAX_KEY_SIZE 20
/** @brief the length of keys in bytes
*
* As of now AES is the only cipher which supports different key sizes.
* Here we optimize the CIPHERS_MAX_KEY_SIZE to always have the smallest possible
* value based on which AES key sizes are used.
*/
#if IS_USED(MODULE_CRYPTO_AES_256)
#define CIPHERS_MAX_KEY_SIZE 32
#elif IS_USED(MODULE_CRYPTO_AES_192)
#define CIPHERS_MAX_KEY_SIZE 24
#else
#define CIPHERS_MAX_KEY_SIZE 16
#endif
#define CIPHER_MAX_BLOCK_SIZE 16
/**
@ -43,7 +55,8 @@ extern "C" {
*/
#if defined(MODULE_CRYPTO_3DES)
#define CIPHER_MAX_CONTEXT_SIZE 24
#elif defined(MODULE_CRYPTO_AES)
#elif IS_USED(MODULE_CRYPTO_AES_256) || IS_USED(MODULE_CRYPTO_AES_192) || \
IS_USED(MODULE_CRYPTO_AES_128)
#define CIPHER_MAX_CONTEXT_SIZE CIPHERS_MAX_KEY_SIZE
#else
/* 0 is not a possibility because 0-sized arrays are not allowed in ISO C */
@ -56,7 +69,8 @@ extern "C" {
#define CIPHER_ERR_INVALID_LENGTH -4
#define CIPHER_ERR_ENC_FAILED -5
#define CIPHER_ERR_DEC_FAILED -6
/** Is returned by the cipher_init functions, if the corresponding alogirithm has not been included in the build */
/** Is returned by the cipher_init functions, if the corresponding algorithm
* has not been included in the build */
#define CIPHER_ERR_BAD_CONTEXT_SIZE 0
/** Returned by cipher_init upon successful initialization of a cipher. */
#define CIPHER_INIT_SUCCESS 1
@ -65,6 +79,7 @@ extern "C" {
* @brief the context for cipher-operations
*/
typedef struct {
uint8_t key_size; /**< key size used */
uint8_t context[CIPHER_MAX_CONTEXT_SIZE]; /**< buffer for cipher operations */
} cipher_context_t;
@ -96,8 +111,18 @@ typedef struct cipher_interface_st {
typedef const cipher_interface_t *cipher_id_t;
/**
* @brief AES_128 cipher id
*
* @deprecated Use @ref CIPHER_AES instead. Will be removed after 2021.07
* release.
*/
extern const cipher_id_t CIPHER_AES_128;
/**
* @brief AES cipher id
*/
extern const cipher_id_t CIPHER_AES;
/**
* @brief basic struct for using block ciphers

2
sys/net/gnrc/Makefile.dep
View File

@ -28,7 +28,7 @@ ifneq (,$(filter gnrc_lorawan,$(USEMODULE)))
USEMODULE += xtimer
USEMODULE += random
USEMODULE += hashes
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128
USEMODULE += netdev_layer
USEMODULE += gnrc_nettype_lorawan
endif

6
sys/net/gnrc/link_layer/lorawan/gnrc_lorawan_crypto.c
View File

@ -95,7 +95,7 @@ void gnrc_lorawan_encrypt_payload(iolist_t *iolist, const le_uint32_t *dev_addr,
lorawan_block_t *block = (lorawan_block_t *)a_block;
cipher_init(&AesContext, CIPHER_AES_128, appskey, LORAMAC_APPKEY_LEN);
cipher_init(&AesContext, CIPHER_AES, appskey, LORAMAC_APPKEY_LEN);
block->fb = CRYPT_B0_START;
@ -127,7 +127,7 @@ void gnrc_lorawan_encrypt_payload(iolist_t *iolist, const le_uint32_t *dev_addr,
void gnrc_lorawan_decrypt_join_accept(const uint8_t *key, uint8_t *pkt,
int has_clist, uint8_t *out)
{
cipher_init(&AesContext, CIPHER_AES_128, key, LORAMAC_APPKEY_LEN);
cipher_init(&AesContext, CIPHER_AES, key, LORAMAC_APPKEY_LEN);
cipher_encrypt(&AesContext, pkt, out);
if (has_clist) {
@ -145,7 +145,7 @@ void gnrc_lorawan_generate_session_keys(const uint8_t *app_nonce,
memset(buf, 0, sizeof(buf));
cipher_init(&AesContext, CIPHER_AES_128, appkey, LORAMAC_APPSKEY_LEN);
cipher_init(&AesContext, CIPHER_AES, appkey, LORAMAC_APPSKEY_LEN);
/* net_id comes right after app_nonce */
memcpy(buf + 1, app_nonce,

2
sys/net/link_layer/ieee802154/security.c
View File

@ -390,7 +390,7 @@ void ieee802154_sec_init(ieee802154_sec_context_t *ctx)
uint8_t key[] = IEEE802154_DEFAULT_KEY;
assert(CIPHER_MAX_CONTEXT_SIZE >= IEEE802154_SEC_KEY_LENGTH);
cipher_init(&ctx->cipher, CIPHER_AES_128, key, IEEE802154_SEC_KEY_LENGTH);
cipher_init(&ctx->cipher, CIPHER_AES, key, IEEE802154_SEC_KEY_LENGTH);
}
int ieee802154_sec_encrypt_frame(ieee802154_sec_context_t *ctx,

3
tests/sys_crypto/Makefile
View File

@ -4,5 +4,8 @@ USEMODULE += embunit
USEMODULE += crypto_3des
USEMODULE += cipher_modes
USEMODULE += crypto_aes_128
USEMODULE += crypto_aes_192
USEMODULE += crypto_aes_256
include $(RIOTBASE)/Makefile.include

3
tests/sys_crypto/main.c
View File

@ -19,6 +19,9 @@ int main(void)
TESTS_RUN(tests_crypto_aes_tests());
TESTS_RUN(tests_crypto_cipher_tests());
TESTS_RUN(tests_crypto_modes_ccm_tests());
TESTS_RUN(tests_crypto_modes_ccm_tests_128());
TESTS_RUN(tests_crypto_modes_ccm_tests_192());
TESTS_RUN(tests_crypto_modes_ccm_tests_256());
TESTS_RUN(tests_crypto_modes_ocb_tests());
TESTS_RUN(tests_crypto_modes_ecb_tests());
TESTS_RUN(tests_crypto_modes_cbc_tests());

19
tests/sys_crypto/tests-crypto-aes.c
View File

@ -91,27 +91,12 @@ static void test_crypto_aes_init_key_length(void)
cipher_context_t ctx;
int err;
/* A keylength of 192 bit is not supported by the current implementation */
uint8_t unsupported_key_1[24];
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_1[8];
memset(unsupported_key_1, 0, sizeof(unsupported_key_1));
/* A keylength of 256 bit is not supported by the current implementation */
uint8_t unsupported_key_2[32];
memset(unsupported_key_2, 0, sizeof(unsupported_key_2));
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_3[8];
memset(unsupported_key_3, 0, sizeof(unsupported_key_3));
err = aes_init(&ctx, unsupported_key_1, sizeof(unsupported_key_1));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err = aes_init(&ctx, unsupported_key_2, sizeof(unsupported_key_2));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err = aes_init(&ctx, unsupported_key_3, sizeof(unsupported_key_3));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
}
Test *tests_crypto_aes_tests(void)

29
tests/sys_crypto/tests-crypto-cipher.c
View File

@ -34,7 +34,7 @@ static void test_crypto_cipher_aes_encrypt(void)
int err, cmp;
uint8_t data[16] = { 0 };
err = cipher_init(&cipher, CIPHER_AES_128, TEST_KEY, 16);
err = cipher_init(&cipher, CIPHER_AES, TEST_KEY, 16);
TEST_ASSERT_EQUAL_INT(1, err);
err = cipher_encrypt(&cipher, TEST_INP, data);
@ -50,7 +50,7 @@ static void test_crypto_cipher_aes_decrypt(void)
int err, cmp;
uint8_t data[16];
err = cipher_init(&cipher, CIPHER_AES_128, TEST_KEY, 16);
err = cipher_init(&cipher, CIPHER_AES, TEST_KEY, 16);
TEST_ASSERT_EQUAL_INT(1, err);
err = cipher_decrypt(&cipher, TEST_ENC_AES, data);
@ -65,33 +65,14 @@ static void test_crypto_cipher_init_aes_key_length(void)
cipher_t cipher;
int err;
/* A keylength of 192 bit is not supported by the current implementation */
uint8_t unsupported_key_1[24];
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_1[8];
memset(unsupported_key_1, 0, sizeof(unsupported_key_1));
/* A keylength of 256 bit is not supported by the current implementation */
uint8_t unsupported_key_2[32];
memset(unsupported_key_2, 0, sizeof(unsupported_key_2));
/* A keylength of 64 bit is not supported by AES */
uint8_t unsupported_key_3[8];
memset(unsupported_key_3, 0, sizeof(unsupported_key_3));
err =
cipher_init(&cipher, CIPHER_AES_128, unsupported_key_1,
cipher_init(&cipher, CIPHER_AES, unsupported_key_1,
sizeof(unsupported_key_1));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err =
cipher_init(&cipher, CIPHER_AES_128, unsupported_key_2,
sizeof(unsupported_key_2));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
err =
cipher_init(&cipher, CIPHER_AES_128, unsupported_key_3,
sizeof(unsupported_key_3));
TEST_ASSERT_EQUAL_INT(CIPHER_ERR_INVALID_KEY_SIZE, err);
}
Test *tests_crypto_cipher_tests(void)

154
tests/sys_crypto/tests-crypto-modes-cbc.c
View File

@ -32,12 +32,27 @@ static uint8_t TEST_1_KEY[] = {
};
static uint8_t TEST_1_KEY_LEN = 16;
static uint8_t TEST_1_IV[16] = {
static uint8_t TEST_2_KEY[] = {
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static uint8_t TEST_2_KEY_LEN = 24;
static uint8_t TEST_3_KEY[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static uint8_t TEST_3_KEY_LEN = 32;
static uint8_t TEST_IV[16] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
static uint8_t TEST_1_PLAIN[] = {
static uint8_t TEST_PLAIN[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@ -47,7 +62,7 @@ static uint8_t TEST_1_PLAIN[] = {
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
static uint8_t TEST_1_PLAIN_LEN = 64;
static uint8_t TEST_PLAIN_LEN = 64;
static uint8_t TEST_1_CIPHER[] = {
0x76, 0x49, 0xab, 0xac, 0x81, 0x19, 0xb2, 0x46,
@ -59,9 +74,31 @@ static uint8_t TEST_1_CIPHER[] = {
0x3f, 0xf1, 0xca, 0xa1, 0x68, 0x1f, 0xac, 0x09,
0x12, 0x0e, 0xca, 0x30, 0x75, 0x86, 0xe1, 0xa7
};
static uint8_t TEST_1_CIPHER_LEN = 64;
static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
static uint8_t TEST_2_CIPHER[] = {
0x4f, 0x02, 0x1d, 0xb2, 0x43, 0xbc, 0x63, 0x3d,
0x71, 0x78, 0x18, 0x3a, 0x9f, 0xa0, 0x71, 0xe8,
0xb4, 0xd9, 0xad, 0xa9, 0xad, 0x7d, 0xed, 0xf4,
0xe5, 0xe7, 0x38, 0x76, 0x3f, 0x69, 0x14, 0x5a,
0x57, 0x1b, 0x24, 0x20, 0x12, 0xfb, 0x7a, 0xe0,
0x7f, 0xa9, 0xba, 0xac, 0x3d, 0xf1, 0x02, 0xe0,
0x08, 0xb0, 0xe2, 0x79, 0x88, 0x59, 0x88, 0x81,
0xd9, 0x20, 0xa9, 0xe6, 0x4f, 0x56, 0x15, 0xcd
};
static uint8_t TEST_3_CIPHER[] = {
0xf5, 0x8c, 0x4c, 0x04, 0xd6, 0xe5, 0xf1, 0xba,
0x77, 0x9e, 0xab, 0xfb, 0x5f, 0x7b, 0xfb, 0xd6,
0x9c, 0xfc, 0x4e, 0x96, 0x7e, 0xdb, 0x80, 0x8d,
0x67, 0x9f, 0x77, 0x7b, 0xc6, 0x70, 0x2c, 0x7d,
0x39, 0xf2, 0x33, 0x69, 0xa9, 0xd9, 0xba, 0xcf,
0xa5, 0x30, 0xe2, 0x63, 0x04, 0x23, 0x14, 0x61,
0xb2, 0xeb, 0x05, 0xe2, 0xc3, 0x9b, 0xe9, 0xfc,
0xda, 0x6c, 0x19, 0x07, 0x8c, 0x6a, 0x9d, 0x1b
};
static uint8_t TEST_CIPHER_LEN = 64;
static void test_encrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -69,7 +106,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_cbc(&cipher, iv, input, input_len, data);
@ -81,7 +118,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
}
static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
static void test_encrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -89,10 +126,29 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
len = cipher_encrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_encrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
@ -101,16 +157,88 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t iv[16],
}
static void test_decrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Decryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong plaintext");
}
static void test_decrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Decryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong plaintext");
}
static void test_decrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t iv[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_cbc(&cipher, iv, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Decryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong plaintext");
}
static void test_crypto_modes_cbc_encrypt(void)
{
test_encrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_IV, TEST_1_PLAIN,
TEST_1_PLAIN_LEN, TEST_1_CIPHER, TEST_1_CIPHER_LEN);
test_encrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_IV, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_1_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_IV, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_2_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, TEST_IV, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_3_CIPHER, TEST_CIPHER_LEN);
}
static void test_crypto_modes_cbc_decrypt(void)
{
test_decrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_IV, TEST_1_CIPHER,
TEST_1_CIPHER_LEN, TEST_1_PLAIN, TEST_1_PLAIN_LEN);
test_decrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_IV, TEST_1_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_IV, TEST_2_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, TEST_IV, TEST_3_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
}

6
tests/sys_crypto/tests-crypto-modes-ccm.c
View File

@ -1105,7 +1105,7 @@ static void test_encrypt_op(const uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ccm(&cipher, adata, adata_len,
@ -1133,7 +1133,7 @@ static void test_decrypt_op(const uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ccm(&cipher, adata, adata_len,
@ -1271,7 +1271,7 @@ static int _test_ccm_len(func_ccm_t func, uint8_t len_encoding,
uint8_t nonce_len = nonce_and_len_encoding_size - len_encoding;
cipher_init(&cipher, CIPHER_AES_128, key, 16);
cipher_init(&cipher, CIPHER_AES, key, 16);
ret = func(&cipher, NULL, adata_len, mac_length, len_encoding,
nonce, nonce_len, input, input_len, data);

156
tests/sys_crypto/tests-crypto-modes-ctr.c
View File

@ -32,12 +32,27 @@ static uint8_t TEST_1_KEY[] = {
};
static uint8_t TEST_1_KEY_LEN = 16;
static uint8_t TEST_1_COUNTER[16] = {
static uint8_t TEST_2_KEY[] = {
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static uint8_t TEST_2_KEY_LEN = 24;
static uint8_t TEST_3_KEY[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static uint8_t TEST_3_KEY_LEN = 32;
static uint8_t TEST_COUNTER[16] = {
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
};
static uint8_t TEST_1_PLAIN[] = {
static uint8_t TEST_PLAIN[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@ -47,7 +62,7 @@ static uint8_t TEST_1_PLAIN[] = {
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
static uint8_t TEST_1_PLAIN_LEN = 64;
static uint8_t TEST_PLAIN_LEN = 64;
static uint8_t TEST_1_CIPHER[] = {
0x87, 0x4d, 0x61, 0x91, 0xb6, 0x20, 0xe3, 0x26,
@ -59,9 +74,31 @@ static uint8_t TEST_1_CIPHER[] = {
0x1e, 0x03, 0x1d, 0xda, 0x2f, 0xbe, 0x03, 0xd1,
0x79, 0x21, 0x70, 0xa0, 0xf3, 0x00, 0x9c, 0xee
};
static uint8_t TEST_1_CIPHER_LEN = 64;
static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
static uint8_t TEST_2_CIPHER[] = {
0x1a, 0xbc, 0x93, 0x24, 0x17, 0x52, 0x1c, 0xa2,
0x4f, 0x2b, 0x04, 0x59, 0xfe, 0x7e, 0x6e, 0x0b,
0x09, 0x03, 0x39, 0xec, 0x0a, 0xa6, 0xfa, 0xef,
0xd5, 0xcc, 0xc2, 0xc6, 0xf4, 0xce, 0x8e, 0x94,
0x1e, 0x36, 0xb2, 0x6b, 0xd1, 0xeb, 0xc6, 0x70,
0xd1, 0xbd, 0x1d, 0x66, 0x56, 0x20, 0xab, 0xf7,
0x4f, 0x78, 0xa7, 0xf6, 0xd2, 0x98, 0x09, 0x58,
0x5a, 0x97, 0xda, 0xec, 0x58, 0xc6, 0xb0, 0x50
};
static uint8_t TEST_3_CIPHER[] = {
0x60, 0x1e, 0xc3, 0x13, 0x77, 0x57, 0x89, 0xa5,
0xb7, 0xa7, 0xf5, 0x04, 0xbb, 0xf3, 0xd2, 0x28,
0xf4, 0x43, 0xe3, 0xca, 0x4d, 0x62, 0xb5, 0x9a,
0xca, 0x84, 0xe9, 0x90, 0xca, 0xca, 0xf5, 0xc5,
0x2b, 0x09, 0x30, 0xda, 0xa2, 0x3d, 0xe9, 0x4c,
0xe8, 0x70, 0x17, 0xba, 0x2d, 0x84, 0x98, 0x8d,
0xdf, 0xc9, 0xc5, 0x8d, 0xb6, 0x7a, 0xad, 0xa6,
0x13, 0xc2, 0xdd, 0x08, 0x45, 0x79, 0x41, 0xa6
};
static uint8_t TEST_CIPHER_LEN = 64;
static void test_encrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -69,7 +106,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ctr(&cipher, ctr, 0, input, input_len, data);
@ -81,7 +118,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
}
static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
static void test_encrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -89,7 +126,45 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_encrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ctr(&cipher, ctr, 0, input, input_len, data);
@ -98,25 +173,78 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t ctr[16],
uint8_t *input, uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ctr(&cipher, ctr, 0, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_crypto_modes_ctr_encrypt(void)
{
uint8_t ctr[16];
memcpy(ctr, TEST_1_COUNTER, 16);
test_encrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_1_PLAIN,
TEST_1_PLAIN_LEN, TEST_1_CIPHER, TEST_1_CIPHER_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_encrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_1_CIPHER, TEST_CIPHER_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_encrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, ctr, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_2_CIPHER, TEST_CIPHER_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_encrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, ctr, TEST_PLAIN,
TEST_PLAIN_LEN, TEST_3_CIPHER, TEST_CIPHER_LEN);
}
static void test_crypto_modes_ctr_decrypt(void)
{
uint8_t ctr[16];
memcpy(ctr, TEST_1_COUNTER, 16);
test_decrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_1_CIPHER,
TEST_1_CIPHER_LEN, TEST_1_PLAIN, TEST_1_PLAIN_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_decrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, ctr, TEST_1_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_decrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, ctr, TEST_2_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
memcpy(ctr, TEST_COUNTER, 16);
test_decrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, ctr, TEST_3_CIPHER,
TEST_CIPHER_LEN, TEST_PLAIN, TEST_PLAIN_LEN);
}

156
tests/sys_crypto/tests-crypto-modes-ecb.c
View File

@ -32,7 +32,22 @@ static uint8_t TEST_1_KEY[] = {
};
static uint8_t TEST_1_KEY_LEN = 16;
static uint8_t TEST_1_PLAIN[] = {
static uint8_t TEST_2_KEY[] = {
0x8e, 0x73, 0xb0, 0xf7, 0xda, 0x0e, 0x64, 0x52,
0xc8, 0x10, 0xf3, 0x2b, 0x80, 0x90, 0x79, 0xe5,
0x62, 0xf8, 0xea, 0xd2, 0x52, 0x2c, 0x6b, 0x7b
};
static uint8_t TEST_2_KEY_LEN = 24;
static uint8_t TEST_3_KEY[] = {
0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe,
0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81,
0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
};
static uint8_t TEST_3_KEY_LEN = 32;
static uint8_t TEST_PLAIN[] = {
0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@ -42,7 +57,7 @@ static uint8_t TEST_1_PLAIN[] = {
0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17,
0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
};
static uint8_t TEST_1_PLAIN_LEN = 64;
static uint8_t TEST_PLAIN_LEN = 64;
static uint8_t TEST_1_CIPHER[] = {
0x3a, 0xd7, 0x7b, 0xb4, 0x0d, 0x7a, 0x36, 0x60,
@ -54,9 +69,31 @@ static uint8_t TEST_1_CIPHER[] = {
0x7b, 0x0c, 0x78, 0x5e, 0x27, 0xe8, 0xad, 0x3f,
0x82, 0x23, 0x20, 0x71, 0x04, 0x72, 0x5d, 0xd4
};
static uint8_t TEST_1_CIPHER_LEN = 64;
static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
static uint8_t TEST_2_CIPHER[] = {
0xbd, 0x33, 0x4f, 0x1d, 0x6e, 0x45, 0xf2, 0x5f,
0xf7, 0x12, 0xa2, 0x14, 0x57, 0x1f, 0xa5, 0xcc,
0x97, 0x41, 0x04, 0x84, 0x6d, 0x0a, 0xd3, 0xad,
0x77, 0x34, 0xec, 0xb3, 0xec, 0xee, 0x4e, 0xef,
0xef, 0x7a, 0xfd, 0x22, 0x70, 0xe2, 0xe6, 0x0a,
0xdc, 0xe0, 0xba, 0x2f, 0xac, 0xe6, 0x44, 0x4e,
0x9a, 0x4b, 0x41, 0xba, 0x73, 0x8d, 0x6c, 0x72,
0xfb, 0x16, 0x69, 0x16, 0x03, 0xc1, 0x8e, 0x0e
};
static uint8_t TEST_3_CIPHER[] = {
0xf3, 0xee, 0xd1, 0xbd, 0xb5, 0xd2, 0xa0, 0x3c,
0x06, 0x4b, 0x5a, 0x7e, 0x3d, 0xb1, 0x81, 0xf8,
0x59, 0x1c, 0xcb, 0x10, 0xd4, 0x10, 0xed, 0x26,
0xdc, 0x5b, 0xa7, 0x4a, 0x31, 0x36, 0x28, 0x70,
0xb6, 0xed, 0x21, 0xb9, 0x9c, 0xa6, 0xf4, 0xf9,
0xf1, 0x53, 0xe7, 0xb1, 0xbe, 0xaf, 0xed, 0x1d,
0x23, 0x30, 0x4b, 0x7a, 0x39, 0xf9, 0xf3, 0xff,
0x06, 0x7d, 0x8d, 0x8f, 0x9e, 0x24, 0xec, 0xc7
};
static uint8_t TEST_CIPHER_LEN = 64;
static void test_encrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -64,7 +101,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ecb(&cipher, input, input_len, data);
@ -76,7 +113,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
}
static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
static void test_encrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
@ -84,7 +121,87 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_encrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_128(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_192(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ecb(&cipher, input, input_len, data);
TEST_ASSERT_MESSAGE(len > 0, "Encryption failed");
TEST_ASSERT_EQUAL_INT(output_len, len);
cmp = compare(output, data, len);
TEST_ASSERT_MESSAGE(1 == cmp, "wrong ciphertext");
}
static void test_decrypt_op_256(uint8_t *key, uint8_t key_len, uint8_t *input,
uint8_t input_len, uint8_t *output,
uint8_t output_len)
{
cipher_t cipher;
int len, err, cmp;
uint8_t data[64];
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ecb(&cipher, input, input_len, data);
@ -98,17 +215,30 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len, uint8_t *input,
static void test_crypto_modes_ecb_encrypt(void)
{
test_encrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_PLAIN, TEST_1_PLAIN_LEN,
TEST_1_CIPHER, TEST_1_CIPHER_LEN);
test_encrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_PLAIN, TEST_PLAIN_LEN,
TEST_1_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_PLAIN, TEST_PLAIN_LEN,
TEST_2_CIPHER, TEST_CIPHER_LEN);
test_encrypt_op_256(TEST_3_KEY, TEST_3_KEY_LEN, TEST_PLAIN, TEST_PLAIN_LEN,
TEST_3_CIPHER, TEST_CIPHER_LEN);
}
static void test_crypto_modes_ecb_decrypt(void)
{
test_decrypt_op(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_CIPHER,
TEST_1_CIPHER_LEN,
TEST_1_PLAIN, TEST_1_PLAIN_LEN);
}
test_decrypt_op_128(TEST_1_KEY, TEST_1_KEY_LEN, TEST_1_CIPHER,
TEST_CIPHER_LEN,
TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_192(TEST_2_KEY, TEST_2_KEY_LEN, TEST_2_CIPHER,
TEST_CIPHER_LEN,
TEST_PLAIN, TEST_PLAIN_LEN);
test_decrypt_op_256(TEST_2_KEY, TEST_2_KEY_LEN, TEST_2_CIPHER,
TEST_CIPHER_LEN,
TEST_PLAIN, TEST_PLAIN_LEN);
}
Test *tests_crypto_modes_ecb_tests(void)
{

6
tests/sys_crypto/tests-crypto-modes-ocb.c
View File

@ -277,7 +277,7 @@ static void test_encrypt_op(uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_encrypt_ocb(&cipher, adata, adata_len,
@ -327,7 +327,7 @@ static void test_decrypt_op(uint8_t *key, uint8_t key_len,
TEST_ASSERT_MESSAGE(sizeof(data) >= output_expected_len,
"Output buffer too small");
err = cipher_init(&cipher, CIPHER_AES_128, key, key_len);
err = cipher_init(&cipher, CIPHER_AES, key, key_len);
TEST_ASSERT_EQUAL_INT(1, err);
len = cipher_decrypt_ocb(&cipher, adata, adata_len,
@ -412,7 +412,7 @@ static void test_crypto_modes_ocb_bad_parameter_values(void)
uint8_t key[16], auth_data[1], nonce[16], input[16], output[32];
cipher_t cipher;
cipher_init(&cipher, CIPHER_AES_128, key, 16);
cipher_init(&cipher, CIPHER_AES, key, 16);
/* tag length must be positive */
int rv = cipher_encrypt_ocb(&cipher, auth_data, sizeof(auth_data), 0, nonce,
15, input, sizeof(input), output);

3
tests/sys_crypto/tests-crypto.h
View File

@ -59,6 +59,9 @@ static inline int compare(const uint8_t *a, const uint8_t *b, uint8_t len)
Test* tests_crypto_aes_tests(void);
Test* tests_crypto_cipher_tests(void);
Test* tests_crypto_modes_ccm_tests(void);
Test* tests_crypto_modes_ccm_tests_128(void);
Test* tests_crypto_modes_ccm_tests_192(void);
Test* tests_crypto_modes_ccm_tests_256(void);
Test* tests_crypto_modes_ocb_tests(void);
Test* tests_crypto_modes_ecb_tests(void);
Test* tests_crypto_modes_cbc_tests(void);

2
tests/unittests/tests-hashes/Makefile.include
View File

@ -1,2 +1,2 @@
USEMODULE += hashes
USEMODULE += crypto_aes
USEMODULE += crypto_aes_128